We’ve gathered the week’s most important cybersecurity news.
- Bitdefender researchers discovered new malware, BHUNT, aimed at stealing funds from cryptocurrency wallets, passwords and seed phrases.
- Hackers compromised data of 515,000 people in the attack on the Red Cross.
- According to reports, among those detained by the FSB as possible members of REvil was a hacker who attacked Colonial Pipeline.
Experts discovered malware aimed at cryptocurrency wallets
Bitdefender researchers discovered new malware, BHUNT, aimed at stealing funds from cryptocurrency wallets, passwords and seed phrases.
The malware can also steal cookies and other sensitive information stored in Chrome and Firefox caches.
Bitdefender urged users never to download software from untrusted sources and to install updates promptly.
Data of half a million people compromised in Red Cross attack
Personal data of 515,000 people was compromised as a result of an attack on the International Committee of the Red Cross servers.
Most of the data belonged to people in an “extremely vulnerable position” — separated from their families due to armed conflicts, displacement and natural disasters, missing persons and their families, and those in custody.
Who is behind the attack is unknown. The Red Cross urged hackers to “do the right thing” — not to sell or disseminate the obtained information.
UK government plans to campaign against end-to-end encryption through advertising
The UK government will launch an “advertising blitz” against end-to-end encryption, Rolling Stone reports. The main aim is to sway public opinion against Meta’s plan to roll out encryption in Messenger.
To implement this initiative, the Home Office hired the advertising agency M&C Saatchi.
The main argument by law enforcement against end-to-end encryption is the potential threat to child safety and the hindrance of identifying criminals. Because of such concerns, Meta was forced to delay its rollout in Messenger and Instagram by default until 2023.
ProtonMail strengthened anti-tracking protection
The ProtonMail team unveiled enhanced tracking protection. The email service will block tracking pixels in messages and conceal IP addresses.
Thanks to trackers embedded in emails, third parties can access recipient data, including their location, ProtonMail said.
Media: among detained REvil members was a hacker who attacked Colonial Pipeline
During the arrest of suspects involved with the REvil hacking group, Russian authorities arrested one of those responsible for the Colonial Pipeline breach, The Washington Post reports, citing sources.
Last year, Colonial Pipeline was attacked by a ransomware operation that stole about 100 GB of data and crippled computer systems. The attack was attributed to the DarkSide group, hackers linked to Russia.
To restore operations and recover data, Colonial Pipeline paid the attackers 75 BTC.
Subsequently the FBI recovered 63.7 BTC from the ransom paid by the company. How the agency gained access to the bitcoin wallet is not known.
In January 2021 the FSB announced the arrest of 14 REvil members after a request from the US.
Brazilian authorities did not rule out blocking Telegram
In Brazil, blocking the Telegram messenger is not ruled out due to concerns about fake news spreading during the October 2022 elections, Valor Economico reports.
The head of the Superior Electoral Court, Roberto Barroso, attempted to contact Telegram founder Pavel Durov to discuss cooperation in combating fake news circulated via the messenger, but received no response.
Brazil has already struck similar agreements with Twitter, Facebook and WhatsApp.
Also on ForkLog:
- BTC-Alpha confirmed a partial leak of customer data.
- Crypto.com disclosed details of the recent breach. About $34 million was withdrawn from the platform.
- The Multichain cross-chain protocol team announced a fix for a critical vulnerability. It had already been exploited by hackers.
- Binance joined the alliance against cybercrime allegations.
- The Lazarus division targeted bitcoin startups.
What to read this weekend?
REvil is considered one of the largest groups behind ransomware distribution, and the arrest of its alleged members has drawn wide attention. Last year ransomware was on everyone’s lips, from cybersecurity specialists and media to government authorities.
We explain what the ransomware threat entails and what consequences it may have for the cryptocurrency industry.
